[93678] in North American Network Operators' Group
Re: need utillity that can do complex tcp replay
daemon@ATHENA.MIT.EDU (Andre Gironda)
Tue Dec 12 11:50:00 2006
Date: Tue, 12 Dec 2006 09:42:58 -0700
From: "Andre Gironda" <andre@operations.net>
Reply-To: andre@operations.net
To: nanog@nanog.org
In-Reply-To: <Pine.LNX.4.62.0612120018340.14618@sokol.elan.net>
Errors-To: owner-nanog@merit.edu
It appears that you have already found it. what's wrong with tcp-replay?
i'm not sure exactly what you mean by "simulated client". are you
looking for interactivity?
i saw this problem/need described well in chapter 4 of microsoft press
"Hunting Security Bugs". the authors of the book provide a tool
called MITM (on their companion site). The book also provides a link
to a tool called Interactive TCP Relay
http://www.imperva.com/application_defense_center/tools.asp
the Unix opensource tools netcat, scapy, and blackbag (especially
telson, blit) may also help out.
also, in particular for HTTPS, you may want to consider using a local
http proxy such as the very popular burpproxy. there are scripts to
parse and replay burp's logfiles generated from request/responses
available in various places, including Network Security Tools from
O'Reilly.
dre
On 12/12/06, william(at)elan.net <william@elan.net> wrote:
> I need to find utility for testing of application debugging issue that
> can replay captured ip traffic, something similar to description at:
> http://tcpreplay.synfin.net/trac/wiki/flowreplay
> William Leibzon
